diff --git a/.travis.yml b/.travis.yml
index 33330787..261d01f7 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,6 +1,8 @@
 language: node_js
 node_js:
+  - "0.12"
   - "0.10"
+  - "iojs"
 before_install:
   - npm update -g npm
diff --git a/lib/app/index.js b/lib/app/index.js
index 856fa730..148813fe 100644
--- a/lib/app/index.js
+++ b/lib/app/index.js
@@ -176,7 +176,14 @@ var App = function () {
       // Get the path to the file, decoding the request URI
-      staticPath = this.config.staticFilePath + decodeURIComponent(reqUrl);
+      staticPath = path.resolve(path.join(this.config.staticFilePath, decodeURIComponent(reqUrl)));
+
+      // Prevent directory traversal
+      if (staticPath.indexOf(this.config.staticFilePath) !== 0) {
+        this.handleNotFound(reqUrl, params, reqObj, respObj);
+        return;
+      }
+
       // Ignore querystring
       staticPath = staticPath.split('?')[0];
diff --git a/package.json b/package.json
index 15952f23..60282d95 100644
--- a/package.json
+++ b/package.json
@@ -8,7 +8,7 @@
     "MVC",
     "realtime"
   ],
-  "version": "13.0.7",
+  "version": "13.0.8",
   "author": "Matthew Eernisse (http://fleegix.org)",
   "dependencies": {
     "barista": "0.2.x",
@@ -43,4 +43,4 @@
   "engines": {
     "node": "*"
   }
-}
\ No newline at end of file
+}
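Review bot: The prefix test on the new `if` line in lib/app/index.js compares a `path.resolve`d `staticPath` against `this.config.staticFilePath` exactly as configured, so a relative root, or one with a trailing slash, never matches and every static request falls through to `handleNotFound`, while an absolute root without a trailing separator also accepts a sibling directory whose name merely begins with the root's name. Resolve the root once and compare with the separator included: `var staticRoot = path.resolve(this.config.staticFilePath);`, `staticPath = path.resolve(path.join(staticRoot, decodeURIComponent(reqUrl)));`, `if (staticPath !== staticRoot && staticPath.indexOf(staticRoot + path.sep) !== 0) {`. The query string is still stripped on the last line of the hunk, after the check, so the path that is checked is not exactly the path that is served; stripping it before the resolve would keep the two in step (this presumably matters only for URLs that carry a query, so verify against the callers). The enclosing function `App` starts and ends outside the hunk.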